Risk

2/18/2009
01:59 PM
50%
50%

About-Facebook: Zuckerberg Relents On Privacy Rules

Social networking site's CEO reverses course on new polices that drew fire from users.

Facebook has reverted back to its old terms of use, just days after CEO Mark Zuckerberg explained in a blog post that recently revised terms were intended to make the site's policies clearer to users.

Zuckerberg said Monday that members own their information on the site and control who sees it, but when they delete their accounts, Facebook retains the right to the information, so friends still have the information that was shared.

Although Zuckerberg said that the new wording was aimed at clarifying Facebook's policies rather than changing them, users protested. Many expressed distrust and aired suspicions that the site would sell or share their information with third parties.

He said that people want full ownership of their information and the ability to move contact information and photographs to other services, but they also want to be able to block access to their own information whenever they choose.

"These two positions are at odds with each other," he explained. "There is no system today that enables me to share my email address with you and then simultaneously lets me control who you share it with and also lets you control what services you share it with."

The new language gave Facebook "irrevocable, perpetual, non-exclusive, transferable, fully paid worldwide license" to material on the site. Users protested on the site, while external groups also took action. The Electronic Privacy Information Center threatened legal action.

Tuesday night, after failed attempts to allay users' fears, Zuckerberg did an about-face and said that Facebook would revert to its old terms and conditions while attempting to resolve the issues that critics had raised.

In the meantime, the site has created a "Bill of Rights and Responsibilities" and a forum where users can discuss the issues.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
Dark Reading Live EVENTS
INsecurity - For the Defenders of Enterprise Security
A Dark Reading Conference
While red team conferences focus primarily on new vulnerabilities and security researchers, INsecurity puts security execution, protection, and operations center stage. The primary speakers will be CISOs and leaders in security defense; the blue team will be the focus.
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: No, no, no! Have a Unix CRON do the pop-up reminders!
Current Issue
Security Vulnerabilities: The Next Wave
Just when you thought it was safe, researchers have unveiled a new round of IT security flaws. Is your enterprise ready?
Flash Poll
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
Enterprises are spending more of their IT budgets on cybersecurity technology. How do your organization's security plans and strategies compare to what others are doing? Here's an in-depth look.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.